isomorphic-git/cors-proxy

Releases19

Frequency6 months 1 day

Last Release about 2 months ago

Stars105

Proxy clone and push requests for the browser

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-23664 ↗	Jan 21, 2022Friday, 21 January 2022, 20:15	8.6 HIGH	5 MEDIUM
The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.